I just browsed a site a while ago that was flagged as an "attack site" or has malware, but Firefox didn't warn before I went into it. Only when I opened a new tab with another page from the site did it block the page.

How do I check for vulnerabilities on my system since I think there are no anti-malware available for Ubuntu? If there are, please do tell.

3 Answers
3

If the vulnerability to exploit is in the browser (or plugin it uses) then yes. They're just as exploitable as their counterparts on Windows and OSX. There are of course plenty of single-platform examples too but many Flash (for example) exploits are cross-platform.

Thankfully most exploits are just droppers (to install something else on the computer) and most of those aren't compatible with Linux. But you shouldn't get complacent and get cocky. Web security applies to everybody. Just because people aren't targeting you today, doesn't mean they never will.

There are antivirus products for Linux (AVG, ClamAV) that go some way to detect bad things but the market hasn't caught up with Desktop Linux users yet IMO.

Though, I should add, most of those are server-orientated for scanning files/emails/etc heading for Windows machines.
–
Oli♦Nov 11 '10 at 1:20

5

Anti-virus is closing the stable door after the horse has bolted.
–
scottlNov 12 '10 at 2:45

4

@scottl But we're dealing with horses that try to get through cracks in the walls when we least expect it. It's handy to have a security fence around the barn to stop the horse getting too far.
–
Oli♦Nov 12 '10 at 3:09

I've been using Linux exclusively for ten years. I have had a broadband connection all that time and use the internet constantly. I do not run any anti-virus or anti-malware protection and have had no issues. That is not to say that it can't happen, but the likelihood is so slight and the difficulty in using Linux anti-virus software is such a pain that it is not worth the effort, IMO.

If the threat was credible there would be applications available. Linux users tend to be very security conscious. The same could be said for other Windows practices, such hard drive defragmentation. Yes, you can do it in Linux, but there is no benefit or it is so low that it is not worth the hassle.

This is just an opinion and they vary, but that is what ten years of experience has taught me.

I have to add to this, though, that the user is mostly resposible for the security of the system and that it's up to you to not click suspicious-looking links, not run untrusted applications as root (or at all, for that matter), and don't download everything that looks 'fun'.
–
armornickNov 11 '10 at 17:24